Malware

Question

how do i remove malware manually?

I have this software-- F-Secure Software on my laptop.How do I spot it and remove it manually? Plus I cannot install certain programs on my laptop.These are programs that I previously installed,but can't get to installing them now.What's going on?I have an anti-virus anti spyware prog installed.Why can't it remove these threats?

All Answers

Try this

Launch msconfig from the Run box.For the first suspicious item, expand the "Location" column to see where it is loading from in the registry.Click on Start, Run, type "regedit" and click OK.Browse to the key listed in the "Location" column for MSCONFIG.Delete the key on the right hand side only, that specifically matches that startup item. **See example below.** Note the "Command" folder in MSCONFIG. Browse to this folder, and delete the .exe file itself. See the example below.

-----EXAMPLE-----In this example, the Startup Tab of MSCONFIG indicates that:

xyz.exe loads from Command "C:\WINDOWS\xyz.exe" and Location

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"

In this case, go to the registry editor and find that Run key on the left window. On the right hand Window pane you'll see each item in that Run key, specifically "xyz.exe" in this case. Delete the entry for "xyz.exe" in the registry only.

Browse to the C:\WINDOWS\folder, and manually delete the xyz.exe file that resides there.-----------------

If that is not successful try this

Follow the steps below with the System started and restarted in Safe Mode with Networking. Running in Safe Mode loads a minimal set of drivers for the Operating System. You can use these options to start Windows so that you can modify the registry or load or remove drivers.

Removing malware from System Restore points To remove the malware, you must first disable System Restore, then scan the system with up-to-date antivirus software - allowing it to clean, delete, or quarantine any viruses found. After the system has been disinfected, you may then re-enable System Restore. The steps for disabling System Restore vary, depending on whether the default Start Menu or the Classic Start Menu is being used.

Classic Start Menu XPIf using the Classic Start Menu, click Start | Settings | Control Panel and double-click the System icon. Select the System Restore tab and check "Turn off System Restore".

VistaStart, right mouse click Computer and select Properties. Select Advanced System Properties, click contine and then System Protection. Untick the box nect to Local Disk C: and click on Turn System Restore off.

After scanning the system and removing the offending malware, re-enable System Restore by repeating the steps, this time removing the check from "Turn off System Restore".

Click Start, Run type msconfig and press Enter.

Now if you have the Configuration Utility open. Configure selective startup optionsIn the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.Click to clear the Process SYSTEM.INI File check box.Click to clear the Process WIN.INI File check box.Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.Click the Services tab.Click to select the Hide All Microsoft Services check box.Click Disable All, and then click OK.When you are prompted, save the settings and restart the PC.When the System is disinfected re-run the Configuration Utility and in the System Configuration Utility dialog box, click the General tab, and then click Normal Startup.

* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.* If an update is found, it will download and install the latest version.* Once the program has loaded, select Perform Quick Scan, then click Scan.* When the scan is complete, click OK, then Show Results to view the results.* Be sure that everything is checked, and click Remove Selected.

I would keep scanning with it until it is clean by closing out and rebooting and running it again.

Just to be on the safe side when you finish do an online scan with Bitdefender. Or Google for an online scanner.

With the new strains of Virus that have been created you may find it necessary to rename the executable files so that they will work. Rename mbam-setup.exe and then navigate to the install folder and rename mbam.exe. Do not change the files extension from .exe. Do the same with Spybot.

Step 1: Click the Start button and select Run. Now type the following text in that Run box and press Enter:

notepad c:\WINDOWS\system32\drivers\etc\hosts

Step 2: You will see a new notepad window on your screen containing some information. You should have a single entry of 127.0.0.1 localhost. If there are any other entries in there it means that those sites are being blocked and it is probably due to an infection.

The DNSChanger trojan is usually a small file (about 1.5 kilobytes) that is designed to change the 'NameServer' Registry key value to a custom IP address. This IP address is usually encrypted in the body of a trojan. As a result of this change a victim's computer will contact the newly assigned DNS server to resolve names of different webservers. And some of the resolved names will not point to legitimate websites - they will point to fake websites that look like real ones, but are created to steal sensitive information (like credit card numbers, logins and passwords).

Start or search

Create a new discussion

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Post type

Subject title

Topic Tags

Select up to 3 tags (1 tag required)

Cloud

Piracy

Security

Apple

Microsoft

IT Employment

Google

Open Source

Mobility

Social Enterprise

Community

Smartphones

Operating Systems

Windows

Mac

Malware

Tablets

Networking

Browser

Hardware

Software

Web Developerment

Linux

Off Topic

Message Body

Track this discussion and email me when there are updates

Please note: Do not post advertisements, offensive material, profanity, or personal attacks. Please remember to be considerate of other members. If you're new to the TechRepublic Forums, please read our TechRepublic Forums FAQ. All submitted content is subject to our Terms Of Use.